CVE-2025-68580
WordPress Advanced Classifieds & Directory Pro plugin <= 3.2.9 - Cross Site Request Forgery (CSRF) vulnerabilityCross-Site Request Forgery (CSRF) vulnerability in pluginsware Advanced Classifieds & Directory Pro advanced-classifieds-and-directory-pro allows Cross Site Request Forgery.This issue affects Advanced Classifieds & Directory Pro: from n/a through <= 3.2.9.
We have discovered 372 live websites that are affected by CVE-2025-68580.
Affected Software
| Product |  Advanced Classifieds And Directory Pro |
| Category | Wordpress Plugins |
| Vulnerable Domains | 372 live websites (80% of Advanced Classifieds And Directory Pro install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 26 versions ( 93% of all versions) |
Details
- Published - Dec 24, 2025
- Updated - Jan 20, 2026
Credits
- Nabil Irawan | Patchstack Bug Bounty Program (finder)
CVE References
Website Distribution by Country
Number of websites using CVE-2025-68580 United States | 50 websites |
 Poland | 185 websites |
 Germany | 26 websites |
 GB | 16 websites |
 France | 12 websites |
 Italy | 9 websites |
 Russia | 8 websites |
 Spain | 7 websites |
 South Africa | 5 websites |
 Australia | 5 websites |
Website Distribution by TLD
Number of websites using CVE-2025-68580| .pl | 148 websites |
| .com | 70 websites |
| .de | 19 websites |
| .co.uk | 9 websites |
| .org | 8 websites |
| .ru | 7 websites |
| .it | 6 websites |
| .com.br | 5 websites |
| .net | 4 websites |
| .com.au | 4 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2025-68580
Top websites that are affected by CVE-2025-68580. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *****.com |  Canada | **,*** | |
| *****.com | GB | ***,*** | |
| *************.com | United States | ***,*** | |
| ***************.com | United States | *,***,*** | |
| **********.com | United States | *,***,*** | |
| **************.de | Germany | *,***,*** | |
| *************************.com | GB | *,***,*** | |
| **********.org | United States | *,***,*** | |
| ************************.de | Germany | *,***,*** | |
| **************.com | United States | *,***,*** |
FAQ
A total of 372 websites have been identified as vulnerable to CVE-2025-68580, based on global website indexing conducted by WebTechSurvey.
The Advanced Classifieds And Directory Pro is affected by the CVE-2025-68580 vulnerability.
Advanced Classifieds And Directory Pro versions up to and including 3.2.9 are vulnerable to CVE-2025-68580.